package com.hxs.hxsserver.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

@Configuration
public class CorsConfig implements WebMvcConfigurer {
    @Override
    public void addCorsMappings(CorsRegistry registry) {

        registry.addMapping("/**")
                //允许所有源请求跨域，* 表示不限制
                .allowedOrigins("*")
                //允许所有原始请求头信息
                .allowedHeaders("*")
                //允许所有方法跨域，或者设置请求方式GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS, TRACE
                .allowedMethods("GET", "POST", "DELETE", "PUT", "OPTIONS", "HEAD")
                //允许包含Cookie
                .allowCredentials(true)
                //允许暴露哪些头信息，为了安全问题不能设置成*
                .exposedHeaders("Access-Control-Allow-Headers, content-type,x-requested-with,Authorization,Token,Access-Token, x-ui-request,lang")
                .maxAge(3600);
    }
}